Bump certifi from 2024.6.2 to 2024.7.4 #1475
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: [main] | |
tags: ['v*'] | |
pull_request: | |
branches: [main] | |
workflow_dispatch: | |
env: | |
LATEST_PY_VERSION: '3.11' | |
COVERAGE_ARGS: '--cov --cov-report=term --cov-report=xml' | |
XDIST_ARGS: '--numprocesses=auto' | |
jobs: | |
# Run unit tests for each supported python version | |
test: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12'] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- uses: snok/install-poetry@v1.3 | |
with: | |
virtualenvs-in-project: true | |
# Cache packages per python version, and reuse until lockfile changes | |
- name: Cache python packages | |
id: cache | |
uses: actions/cache@v4 | |
with: | |
path: .venv | |
key: venv-${{ matrix.python-version }}-${{ hashFiles('poetry.lock') }} | |
- name: Install dependencies | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: poetry install -v -E all | |
# Run tests with coverage report | |
- name: Run tests | |
run: poetry run pytest -rs -x -vv ${{ env.XDIST_ARGS }} ${{ env.COVERAGE_ARGS }} | |
# Latest python version: send coverage report to codecov | |
- name: "Upload coverage report to Codecov" | |
if: ${{ matrix.python-version == env.LATEST_PY_VERSION }} | |
uses: codecov/codecov-action@v4 | |
# Run code analysis checks via pre-commit hooks | |
analyze: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.LATEST_PY_VERSION }} | |
- name: Run style checks & linting | |
uses: pre-commit/action@v3.0.1 | |
- name: Scan dependencies for known vulnerabilities | |
uses: pypa/gh-action-pip-audit@v1.0.8 | |
with: | |
vulnerability-service: osv | |
# Ignore issues with pip and setuptools versions used by the action itself | |
ignore-vulns: | | |
PYSEC-2023-228 | |
PYSEC-2022-43012 |